Lead2pass presents the highest quality of 200-105 exam question which helps candidates to pass the 200-105 exams in the first attempt. Lead2pass professional tools like questions and answers are extremely reliable source of preparation. When you use Lead2pass preparation products your success in the Certification exam is guaranteed.

http://www.ciscopress.com/articles/article.asp?p=1722561Switchport Security Violations The second piece of switchport port-security that must be understood is a security violation including what it is what causes it and what the different violation modes that exist. A switchport violation occurs in one of two situations: When the maximum number of secure MAC addresses has been reached (by default, the maximum number of secure MAC addresses per switchport is limited to 1) An address learned or configured on one secure interface is seen on another secure interface in the same VLAN The action that the device takes when one of these violations occurs can be configured: Protect–This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, no notification action is taken when traffic is dropped. Restrict–This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, a syslog message is logged, a Simple Network Management Protocol (SNMP) trap is sent, and a violation counter is incremented when traffic is dropped. Shutdown–This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and re-enabling the switchport. Shutdown VLAN–This mode mimics the behavior of the shutdown mode but limits the error disabled state the specific violating VLAN.

QUESTION 327 Refer to the exhibit. A technician pastes the configurations in the exhibit into the two new routers shown. Otherwise, the routers are configured with their default configurations. A ping from Host1 to Host2 fails, but the technician is able to ping the S0/0 interface of R2 from Host1. The configurations of the hosts have been verified as correct. What is the cause of the problem?

A. The serial cable on R1 needs to be replaced. B. The interfaces on R2 are not configured properly. C. R1 has no route to the 192.168.1.128 network. D. The IP addressing scheme has overlapping subnetworks. E. The ip subnet-zero command must be configured on both routers.

Answer: C Explanation: Whenever a node needs to send data to another node on a network, it must first know where to send it. If the node cannot directly connect to the destination node, it has to send it via other nodes along a proper route to the destination node. A remote network is a network that can only be reached by sending the packet to another router. Remote networks are added to the routing table using either a dynamic routing protocol or by configuring static routes. Static routes are routes to networks that a network administrator manually configured.So R should have static route for the 192.168.1.128.

QUESTION 328 Refer to the exhibit. What three actions will the switch take when a frame with an unknown source MAC address arrives at the interface? (Select three.)

Answer: ABC Explanation: Switchport Security Concepts and Configuration http://www.ciscopress.com/articles/article.asp?p=1722561Switchport Security Violations The second piece of switchport port-security that must be understood is a security violation including what it is what causes it and what the different violation modes that exist. A switchport violation occurs in one of two situations: When the maximum number of secure MAC addresses has been reached (by default, the maximum number of secure MAC addresses per switchport is limited to 1) An address learned or configured on one secure interface is seen on another secure interface in the same VLAN The action that the device takes when one of these violations occurs can be configured: Protect–This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, no notification action is taken when traffic is dropped. Restrict–This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, a syslog message is logged, a Simple Network Management Protocol (SNMP) trap is sent, and a violation counter is incremented when traffic is dropped. Shutdown–This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and re-enabling the switchport. Shutdown VLAN–This mode mimics the behavior of the shutdown mode but limits the error disabled state the specific violating VLAN.

QUESTION 329 What does the frame-relay interface-dlci command configure?

A. local DLCI on the subinterface B. remote DLCI on the main interface C. remote DCLI on the subinterface D. local DLCI on the main interface

QUESTION 330 What can be done to secure the virtual terminal interfaces on a router? (Choose two.)

A. Administratively shut down the interface. B. Physically secure the interface. C. Create an access list and apply it to the virtual terminal interfaces with the access-group command. D. Configure a virtual terminal password and login process. E. Enter an access list and apply it to the virtual terminal interfaces using the access-class command.

Answer: DE Explanation: It is a waste to administratively shut down the interface. Moreover, someone can still access the virtual terminal interfaces via other interfaces -> A is not correct. We can not physically secure a virtual interface because it is “virtual” -> B is not correct. To apply an access list to a virtual terminal interface we must use the “access-class” command. The “access-group” command is only used to apply an access list to a physical interface -> C is not correct; E is correct. The most simple way to secure the virtual terminal interface is to configure a username & password to prevent unauthorized login -> D is correct.

QUESTION 331 Refer to the exhibit. Based on the exhibited routing table, how will packets from a host within the 192.168.10.192/26 LAN be forwarded to 192.168.10.1?

A. The router will forward packets from R3 to R2 to R1. B. The router will forward packets from R3 to R1 to R2. C. The router will forward packets from R3 to R2 to R1 AND from R3 to R1. D. The router will forward packets from R3 to R1.

Answer: C Explanation: From the routing table we learn that network 192.168.10.0/30 is learned via 2 equal- cost paths (192.168.10.9 &192.168.10.5) – traffic to this network will be load-balancing.

QUESTION 332 Refer to the exhibit. What information about the interfaces on the Main_Campus router is true?

A. The LAN interfaces are configured on different subnets. B. Interface FastEthernet 0/0 is configured as a trunk. C. The Layer 2 protocol of interface Serial 0/1 is NOT operational. D. The router is a modular router with five FastEthernet interfaces. E. Interface FastEthernet 0/0 is administratively deactivated.

Answer: B Explanation: Interface fa0/0 breaks into sub interface and Main_Campus router is connected with switch via fa0/0 .Subinterfaces configured with different subnet mask so its seem switch has multiple vlans and allow communication between vlan , router and inter-vlan we need to make a trunk port.So B will be the correct answer.

QUESTION 333 Refer to the exhibit. C-router is to be used as a “router-on-a-stick” to route between the VLANs. All the interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been configured with the appropriate default gateway. What is true about this configuration?

A. These commands need to be added to the configuration: C-router(config)# router eigrp 123 C-router(config-router)# network 172.19.0.0 B. These commands need to be added to the configuration: C-router(config)# router ospf 1 C-router(config-router)# network 172.19.0.0 0.0.3.255 area 0 C. These commands need to be added to the configuration: C-router(config)# router rip C-router(config-router)# network 172.19.0.0 D. No further routing configuration is required.

QUESTION 334 Refer to the exhibit. Assume that all router interfaces are operational and correctly configured. In addition, assume that OSPF has been correctly configured on router R2. How will the default route configured on R1 affect the operation of R2?

A. Any packet destined for a network that is not directly connected to router R1 will be dropped. B. Any packet destined for a network that is not directly connected to router R2 will be dropped immediately. C. Any packet destined for a network that is not directly connected to router R2 will be dropped immediately because of the lack of a gateway on R1. D. The networks directly connected to router R2 will not be able to communicate with the 172.16.100.0, 172.16.100.128, and 172.16.100.64 subnetworks. E. Any packet destined for a network that is not referenced in the routing table of router R2 will be directed to R1. R1 will then send that packet back to R2 and a routing loop will occur.

Answer: E Explanation: First, notice that the more-specific routes will always be favored over less-specific routes regardless of the administrative distance set for a protocol. In this case, because we use OSPF for three networks (172.16.100.0 0.0.0.3, 172.16.100.64 0.0.0.63, 172.16.100.128 0.0.0.31) so the packets destined for these networks will not be affected by the default route. The default route configured on R1 “ip route 0.0.0.0 0.0.0.0 serial0/0 will send any packet whose destination network is not referenced in the routing table of router R1 to R2, it doesn’t drop anything so answers A, B and C are not correct. D is not correct too because these routes are declared in R1 and the question says that “OSPF has been correctly configured on router R2, so network directly connected to router R2 can communicate with those three subnetworks. As said above, the default route configured on R1 will send any packet destined for a network that is not referenced in its routing table to R2; R2 in turn sends it to R1 because it is the only way and a routing loop will occur.

QUESTION 335 Refer to the exhibit. Assume that all of the router interfaces are operational and configured correctly. How will router R2 be affected by the configuration of R1 that is shown in the exhibit?

A. Router R2 will not form a neighbor relationship with R1. B. Router R2 will obtain a full routing table, including a default route, from R1. C. R2 will obtain OSPF updates from R1, but will not obtain a default route from R1. D. R2 will not have a route for the directly connected serial network, but all other directly connected networks will be present, as well as the two Ethernet networks connected to R1.

Answer: A Explanation: “ip route 0.0.0.0 0.0.0.0 serial0/0” is causing a loop. configuration is going to cause a loop and the link between R1 and R2 will be congested, OSPF will not perform relationship between them. From its name, OSPF is a Link-State routing protocol, and the link state between R1 and R2 is simply down or something like that.

QUESTION 336 Refer to the exhibit. RTA is configured with a basic configuration. The link between the two routers is operational and no routing protocols are configured on either router. The line shown in the exhibit is then added to router RTA . Should interface Fa0/0 on router RTB shut down, what effect will the shutdown have on router RTA?

A. A route to 172.16.14.0/24 will remain in the RTA routing table. B. A packet to host 172.16.14.225 will be dropped by router RTA C. Router RTA will send an ICMP packet to attempt to verify the route. D. Because router RTB will send a poison reverse packet to router RTA, RTA will remove the route.

QUESTION 337 Refer to the exhibit. The show interfaces serial 0/1 command was issued on the R10-1 router. Based on the output displayed which statement is correct?

A. The cable connected to the serial 0/1 interface of the R10-1 router is a DTE cable. B. The R10-1 router can ping the router interface connected to the serial 0/1 interface. C. The clock rate used for interface serial 0/1 of the R10-1 router is 1,544,000 bits per second. D. The CSU used with the serial 0/1 interface of the R10-1 router has lost connection to the service provider. E. The interface of the remote router connected to the serial 0/1 interface of the R10-1 router is using the default serial interface encapsulation.

Answer: BDE Explanation: By default, all ports on a new switch belong to VLAN 1 (default & native VLAN). There are also some well-known VLANs (for example: VLAN 1002 for fddi-default; VLAN 1003 for token-ring…) configured by default -> A is not correct. To communicate between two different VLANs we need to use a Layer 3 device like router or Layer 3 switch -> B is correct. VLANs don’t affect the number of collision domains, they are the same -> C is not correct. Typically, VLANs increase the number of broadcast domains.We must use a different network (or sub-network) for each VLAN. For example we can use 192.168.1.0/24 for VLAN 1, 192.168.2.0/24 for VLAN 2 -> D is correct. A switch maintains a separate bridging table for each VLAN so that it can send frame to ports on the same VLAN only. For example, if a PC in VLAN 2 sends a frame then the switch look-ups its bridging table and only sends frame out of its ports which belong to VLAN 2 (it also sends this frame on trunk ports) -> E is correct. We can use multiple switches to expand VLAN -> F is not correct.

QUESTION 339 The output of the show frame-relay pvc command shows “PVC STATUS = INACTIVE”. What does this mean?

A. The PVC is configured correctly and is operating normally, but no data packets have been detected for more than five minutes. B. The PVC is configured correctly, is operating normally, and is no longer actively seeking the address of the remote router. C. The PVC is configured correctly, is operating normally, and is waiting for interesting traffic to trigger a call to the remote router. D. The PVC is configured correctly on the local switch, but there is a problem on the remote end of the PVC E. The PVC is not configured on the local switch.

Answer: D Explanation: The PVC STATUS displays the status of the PVC. The DCE device creates and sends the report to the DTE devices. There are 4 statuses: ACTIVE: the PVC is operational and can transmit dataINACTIVE: the connection from the local router to the switch is working, but the connection to the remote router is not availableDELETED: the PVC is not present and no LMI information is being received from the Frame Relay switch STATIC: the Local Management Interface (LMI) mechanism on the interface is disabled (by using the “no keepalive” command). This status is rarely seen.

QUESTION 340 Refer to the exhibit. Hosts in network 192.168.2.0 are unable to reach hosts in network 192.168.3.0. Based on the output from RouterA, what are two possible reasons for the failure? (Choose two.)

A. The cable that is connected to S0/0 on RouterA is faulty. B. Interface S0/0 on RouterB is administratively down. C. Interface S0/0 on RouterA is configured with an incorrect subnet mask. D. The IP address that is configured on S0/0 of RouterB is not in the correct subnet. E. Interface S0/0 on RouterA is not receiving a clock signal from the CSU/DSU. F. The encapsulation that is configured on S0/0 of RouterB does not match the encapsulation that is configured on S0/0 of RouterA

QUESTION 341 Refer to the exhibit. The output that is shown is generated at a switch. Which three statements are true? (Choose three.)

A. All ports will be in a state of discarding, learning, or forwarding. B. Thirty VLANs have been configured on this switch. C. The bridge priority is lower than the default value for spanning tree. D. All interfaces that are shown are on shared media. E. All designated ports are in a forwarding state. F. This switch must be the root bridge for all VLANs on this switch.

Answer: ACE Explanation: From the output, we see that all ports are in Designated role (forwarding state) -> A and E are correct. The command “show spanning-tree vlan 30 only shows us information about VLAN 30. We don’t know how many VLAN exists in this switch -> B is not correct. The bridge priority of this switch is 24606 which is lower than the default value bridge priority 32768 -> C is correct. All three interfaces on this switch have the connection type “p2p”, which means Point-to-point environment – not a shared media >; D is not correct. The only thing we can specify is this switch is the root bridge for VLAN 3o but we can not guarantee it is also the root bridge for other VLANs -> F is not correct.

QUESTION 342 Refer to the exhibit. When running EIGRP, what is required for RouterA to exchange routing updates with RouterC?

A. AS numbers must be changed to match on all the routers B. Loopback interfaces must be configured so a DR is elected C. The no auto-summary command is needed on Router A and Router C D. Router B needs to have two network statements, one for each connected network

Answer: A Explanation: Here we required same autonomous system between router A,B,C.Routing updated always exchange between in same EIGRP EIGRP autonomous system.you can configure more than one EIGRP autonomous system on the same router. This is typically done at a redistribution point where two EIGRP autonomous systems are interconnected. Individual router interfaces should only be included within a single EIGRP autonomous system. Cisco does not recommend running multiple EIGRP autonomous systems on the same set of interfaces on the router. If multiple EIGRP autonomous systems are used with multiple points of mutual redistribution, it can cause discrepancies in the EIGRP topology table if correct filtering is not performed at the redistribution points. If possible, Cisco recommends you configure only one EIGRP autonomous system in any single autonomous system. http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f07.shtml

QUESTION 343 Which term describes a spanning-tree network that has all switch ports in either the blocking or fowarding state?

A. converged B. redundant C. provisioned D. spanned

Answer: A Explanation: Spanning Tree Protocol convergence (Layer 2 convergence) happens when bridges and switches have transitioned to either the forwarding or blocking state. When layer 2 is converged, root bridge is elected and all port roles (Root, Designated and Non-Designated) in all switches are selected.

QUESTION 344 Refer to the exhibit. A technician has configured the FastEthernet 0/1 interface on Sw11 as an access link in VLAN 1. Based on the output from the show vlan brief command issued on Sw12, what will be the result of making this change on Sw11?

A. Only the hosts in VLAN 1 on the two switches will be able to communicate with each other. B. The hosts in all VLANs on the two switches will be able to communicate with each other. C. Only the hosts in VLAN 10 and VLAN 15 on the two switches will be able to communicate with each other. D. Hosts will not be able to communicate between the two switches.

Answer: D Explanation: VLANs are local to each switch’s database, and VLAN information is not passed between switches. Trunks carry traffic from all VLANs to and from the switch by default but can be configured to carry only specified VLAN traffic. Trunk links are required to pass VLAN information between switches. So sw 11 port should be trunk not access port. Additionally, there are no ports assigned to VLAN 1.

QUESTION 345 Refer to the exhibit. What commands must be configured on the 2950 switch and the router to allow communication between host 1 and host 2? (Choose two.)

Answer: C Explanation: This command is used to verify whether the frame-relay inverse-arp command resolved a remote IP address to a local DLCI. Use the show frame-relay map command to display the current map entries and information about the connections.

QUESTION 347 After you configure a new router to connect to a host through the GigabitEthernet0/0 port of the router, you log in to the router and observe that the new link is down. Which action corrects the Problem?

A. Use a crossover cable between the host and R1. B. Use a straight through cable between the host and R1. C. Configure the host to use R1 as the default gateway. D. Use a rollover cable between the host and R1.

Answer: A

QUESTION 348 Which two statements about the spanning-tree bridge ID are true? (Choose two)

A. It is composed of a 4-bit bridge priority and a 12-bit system ID extension. B. The bridge ID is transmitted in the IP header to elect the root bridge. C. The system ID extension is a value between 1 and 4095. D. It is composed of an 8-bit bridge priority and a 16-bit system ID extension. E. The bridge priority must be incremented in blocks of 4096.

Answer: AE

QUESTION 349 Refer to the exhibit. Which switch in this configuration becomes the root bridge?

A. SW1 B. SW2 C. SW3 D. SW4

Answer: C

QUESTION 350 Which identification number is valid for an extended ACL?

A. 1 B. 64 C. 99 D. 100 E. 299 F. 1099

Answer: D

Lead2pass is now here to help you with your 200-105 exam certification problems. Because we are the best 200-105 exam questions training material providing vendor, all of our candidates get through 200-105 exam without any problem.